Story image

Palo Alto Networks takes security logs to the cloud

18 Oct 17

Palo Alto Networks has introduced a new cloud-based logging service for customers who wish to amass large amounts of their own data from the company’s security platform, in a move to push the limited hardware capacity of legacy logging systems to the sidelines.

The company launched the new service to work best with machine learning and advanced analytics – which the company claims can be used to correlate potential threats and prevent cyber breaches.

Palo Alto Networks Next-Generation Security Platform will feed the data to organisations in a way that delivers scalable logging infrastructure without operational overheads.

According to ZK Researcher founder and principal analyst Zeus Kerravala, large overhead costs prevent organisations from efficiently collecting large amounts of data and being able to action it.

He believes that the new technology will able to deploy information quicker and “Share information between different applications and sensors, and scale their capacity on a dime, empowering them with enhanced capabilities to spot and prevent successful cyberattacks.” 

Palo Alto says that large data logs are important for organisations to be able to store, process and analyse as much data as possible in order to improve threat visibility.

The company designed its Logging Service to allow data collection without local compute and storage limitations. The ‘cloud-based approach’ also changes the economics of log data collection, making it easier to collect as much data as required.

·         Central repository for events, traffic and security logs: Logging Service provides a cloud-based central repository for context-rich logs generated by the Palo Alto Networks Next-Generation Platform.

·         Simplified operations: Logging Service simplifies the procurement, deployment and ongoing management of storage and compute infrastructure for event, traffic and security logs, eliminating the complexity of planning and operating logging capacity.

·         Increased business responsiveness: Organizations can procure and deploy logging capacity quickly via a flexible model that allows organizations to become more responsive to changes in logging needs due to unforeseen business circumstances or new compliance requirements.

·         Actionable insights: As part of the Application Framework, customers can use log data within new security applications to apply machine learning and advanced analytics, and can take security enforcement actions in concert with Palo Alto Networks enforcement points to prevent advanced attacks.

Lee Klarich, Palo Alto Networks chief product officer, says the Logging Service is the foundation for the company’s forthcoming Palo Alto Networks Application Framework.

This new offering significantly reduces the complexity and economics of log management, enabling customers to make better correlations, and effectively respond to and prevent successful cyber attacks,” he says.

The Application Framework will be part of the company’s next stage of rolling a range of cloud-based security applications.

Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
Businesses too slow on attack detection – CrowdStrike
The 2018 CrowdStrike Services Cyber Intrusion Casebook reveals IR strategies, lessons learned, and trends derived from more than 200 cases.
What disaster recovery will look like in 2019
“With nearly half of all businesses experiencing an unrecoverable data event in the last three years, current backup solutions are no longer fit for purpose."
Proofpoint launches feature to identify most targeted users
“One of the largest security industry misconceptions is that most cyberattacks target top executives and management.”
McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.
Symantec and Fortinet partner for integration
The partnership will deliver essential security controls across endpoint, network, and cloud environments.
Is Supermicro innocent? 3rd party test finds no malicious hardware
One of the larger scandals within IT circles took place this year with Bloomberg firing shots at Supermicro - now Supermicro is firing back.
25% of malicious emails still make it through to recipients
Popular email security programmes may fail to detect as much as 25% of all emails with malicious or dangerous attachments, a study from Mimecast says.